Login
Newsletter
Werbung
Sicherheit: Unsichere Verwendung temporärer Dateien in Nagios
Aktuelle Meldungen Distributionen
Name: Unsichere Verwendung temporärer Dateien in Nagios
ID: FEDORA-2013-10950
Distribution: Fedora
Plattformen: Fedora 18
Datum: Di, 25. Juni 2013, 07:16
Referenzen: Keine Angabe
Applikationen: Nagios

Originalnachricht

 
Name        : nagios
Product     : Fedora 18
Version     : 3.5.0
Release     : 5.fc18
URL         : http://www.nagios.org/
Summary     : Nagios monitors hosts and services and yells if somethings breaks
Description :
Nagios is a program that will monitor hosts and services on your
network.  It has the ability to send email or page alerts when a
problem arises and when a problem is resolved.  Nagios is written
in C and is designed to run under Linux (and some other *NIX
variants) as a background process, intermittently running checks
on various services that you specify.

The actual service checks are performed by separate "plugin" programs
which return the status of the checks to Nagios. The plugins are
available at http://sourceforge.net/projects/nagiosplug.

This package provides the core program, web interface, and documentation
files for Nagios. Development files are built as a separate package.

-------------------------------------------------------------------------------
-
Update Information:

Build package with PIE flags (#965529); Insecure temporary file usage in
 nagios.upgrade_to_v3.sh (#958292)
-------------------------------------------------------------------------------
-
ChangeLog:

* Sat Jun 15 2013 Jose Pedro Oliveira <jpo at di.uminho.pt> - 3.5.0-5
- Build package with PIE flags (#965529)
- Insecure temporary file usage in nagios.upgrade_to_v3.sh (#958292)
* Tue Jun 11 2013 Remi Collet <rcollet@redhat.com> - 3.5.0-4
- rebuild for new GD 2.1.0
* Wed Apr 24 2013 Jose Pedro Oliveira <jpo at di.uminho.pt> - 3.5.0-3
- Add cfg_dir=/etc/nagios/conf.d to the main nagios configuration file
  (nagios-3.5.0-conf.d-configuration-directory.patch) (#907145#c5)
- Own the configuration directory /etc/nagios/conf.d (#907145#c5)
- Ship the internet.cfg configuration file as documentation (#907145#c5)
* Sat Apr 20 2013 Jose Pedro Oliveira <jpo at di.uminho.pt> - 3.5.0-2
- Patch nagios-3.4.3-spaces-to-plus-signs.patch (#952139)
  (upstream http://tracker.nagios.org/view.php?id=407)
* Sat Apr 20 2013 Jose Pedro Oliveira <jpo at di.uminho.pt> - 3.5.0-1
- Update to 3.5.0
* Thu Feb 14 2013 Fedora Release Engineering
 <rel-eng@lists.fedoraproject.org> - 3.4.4-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Mon Jan 21 2013 Adam Tkac <atkac redhat com> - 3.4.4-2
- rebuild due to "jpeg8-ABI" feature drop
* Sun Jan 13 2013 Jose Pedro Oliveira <jpo at di.uminho.pt> - 3.4.4-1
- Update to 3.4.4
- CVE-2012-6096 (#893269)
* Sun Jan 13 2013 Jose Pedro Oliveira <jpo at di.uminho.pt> - 3.4.3-5
- Refactored the patch
 nagios-0010-Added-several-images-to-the-sample-config.patch
  as patch can't create binary files (#875362).
  The old patch10 was replaced by
 nagios-0010-Added-several-images-to-the-sample-config-revb.patch
  and the PNG files included as sources 10, 11, and 12.
* Fri Dec 21 2012 Adam Tkac <atkac redhat com> - 3.4.3-4
- rebuild against new libjpeg
* Wed Dec  5 2012 Jose Pedro Oliveira <jpo at di.uminho.pt> - 3.4.3-3
- Use the Apache 2.4 RequireAll authorization container
* Tue Dec  4 2012 Jose Pedro Oliveira <jpo at di.uminho.pt> - 3.4.3-2
- Apache 2.4 configuration fix for Fedora 18+ (#871438);
  Patch nagios-3.4.3-httpd-2.4-and-2.2.patch
* Tue Dec  4 2012 Jose Pedro Oliveira <jpo at di.uminho.pt> - 3.4.3-1
- Upgrade to 3.4.3
* Sat Nov 10 2012 Jose Pedro Oliveira <jpo at di.uminho.pt> - 3.4.2-1
- Upgrade to 3.4.2
-------------------------------------------------------------------------------
-
References:

  [ 1 ] Bug #965529 - nagios package should be built with PIE flags
        https://bugzilla.redhat.com/show_bug.cgi?id=965529
  [ 2 ] Bug #958292 - Nagios core: Insecure temporary file usage in
 nagios.upgrade_to_v3.sh [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=958292
-------------------------------------------------------------------------------
-

This update can be installed with the "yum" update program.  Use 
su -c 'yum update nagios' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten

141
Mach­t's gut!

51
Neue Raspber­ry Pi-Va­ri­an­te mit 8 GB RAM

0
Genode 20.05 frei­ge­ge­ben

9
Sub­ver­si­on 1.14.0-LTS vor­ge­stellt

0
»Hum­ble Ci­ties: Sky­lines Bund­le« vor­ge­stellt

0
End of Life für Co­reOS Con­tai­ner Linux ver­kün­det

32
Elek­tra 0.9.2 er­schie­nen

8
Nex­tDNS ver­lässt die Be­ta-Pha­se

23
Tu­xe­do stellt Ga­mer-Note­book vor

0
Libre Gra­phics Mee­ting be­ginnt als On­li­ne-Va­ri­an­te
 
Werbung